package org.third.spring.boot.hello.security;

import com.google.common.collect.ImmutableList;

import org.springframework.context.annotation.Configuration;
import org.springframework.data.util.Pair;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;

import java.util.List;


@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class HelloWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
	public static final List<String> SECURITY_IGNORE_PATH =
		      new ImmutableList.Builder<String>()
		          .add("/css/**")
		          .add("/img/**")
		          .add("/js/**")
		          .add("/webjars/springfox-swagger-ui/**")
		          .add("/swagger-resources/**")
		          .add("/v2/api-docs/**")
		          .add("/v1/**")
		          .add("/api/v1/**")
		          .add("/suiteinstaller/**")
		          .add("/urest/v1/**")
		          .add("/urest/v1.1/tokens")
		          .add("/urest/v1.1/request/header/**")
		          .add("/urest/v1.1/healthz")
		          .add("/h2-console/**")
		          .build();

		  public static final List<Pair<String, HttpMethod>> SECURITY_IGNORE_WITH_METHOD_PATH =
		      new ImmutableList.Builder<Pair<String, HttpMethod>>().
		          add(Pair.of("/urest/v1.1/cdf/token", HttpMethod.POST))
		          .add(Pair.of("/urest/v1.1/tokens/**", HttpMethod.GET))
		          .add(Pair.of("/urest/v1.1/tokens/request", HttpMethod.POST))
		          .add(Pair.of("/urest/v1.1/tokens/access", HttpMethod.POST))
		          .add(Pair.of("/urest/v1.1/tokens/access/token", HttpMethod.POST))
		          .add(Pair.of("/urest/v1.1/tokens/refreshToken", HttpMethod.POST))
		          .build();

		  public static final List<String> IGNORE_CSRF_PATH =
		      new ImmutableList.Builder<String>()
		          .add("/urest/v1.1/front-end-storage")
		          .add("/urest/v1.1/cdf/cookie")
		          .add("/urest/v1.1/cdf/token")
		          .build();

	@Override
	public void configure(WebSecurity webSecurity) throws Exception {
	    for (String path : SECURITY_IGNORE_PATH) {
            webSecurity.ignoring().antMatchers(path);
        }
        for(Pair<String,HttpMethod> pair:SECURITY_IGNORE_WITH_METHOD_PATH) {
            webSecurity.ignoring().antMatchers(pair.getSecond(),pair.getFirst());
        }
	}

	@Override
	protected AuthenticationManager authenticationManager() throws Exception {
		return super.authenticationManager();
	}

	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		super.configure(auth);
	}

	@Override
	public void init(WebSecurity web) throws Exception {
		super.init(web);
		web.ignoring().antMatchers("/*");
	}

	@Override
	protected UserDetailsService userDetailsService() {
		// org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator@278667fd
		return super.userDetailsService();
	}

}
